@gabe1314
Last active November 29, 2017 20:30
This template creates the Security Groups required for Domain Controllers. As pasted below, the body is not deployable as-is: "Parameters", "Mappings", "Resources" and "Properties" are nested inside one another instead of being sibling top-level keys, and the referenced parameters (VPC, VPCCIDR, PrivSub1CIDR, PrivSub2CIDR, DMZ1CIDR, DMZ2CIDR) are never declared.
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "(0001) - This template creates the Security Groups required for Domain Controllers. Update the Parameters to match your environment. Review before use: RDP (3389) is allowed from both DMZ CIDRs, and WinRM (5985) and HTTP (80) are allowed from the entire VPC CIDR - restrict these to a management source, and confirm port 80 is actually needed since it is not a standard AD service port.",
"Parameters": {
"Mappings": {
"Resources": {
"Properties": {
"DomainControllerSG1": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Domain Controller",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [{
"IpProtocol": "tcp",
"FromPort": "5985",
"ToPort": "5985",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "123",
"ToPort": "123",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "135",
"ToPort": "135",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "138",
"ToPort": "138",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "445",
"ToPort": "445",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "445",
"ToPort": "445",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "464",
"ToPort": "464",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "464",
"ToPort": "464",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "389",
"ToPort": "389",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "389",
"ToPort": "389",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "636",
"ToPort": "636",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3268",
"ToPort": "3268",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3269",
"ToPort": "3269",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "88",
"ToPort": "88",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "88",
"ToPort": "88",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "5355",
"ToPort": "5355",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "137",
"ToPort": "137",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "139",
"ToPort": "139",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "5722",
"ToPort": "5722",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "123",
"ToPort": "123",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "135",
"ToPort": "135",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "138",
"ToPort": "138",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "445",
"ToPort": "445",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "445",
"ToPort": "445",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "464",
"ToPort": "464",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "464",
"ToPort": "464",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "389",
"ToPort": "389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "389",
"ToPort": "389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "636",
"ToPort": "636",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3268",
"ToPort": "3268",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3269",
"ToPort": "3269",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "88",
"ToPort": "88",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "88",
"ToPort": "88",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ2CIDR"
}
},
{
"IpProtocol": "icmp",
"FromPort": "-1",
"ToPort": "-1",
"CidrIp": {
"Ref": "VPCCIDR"
}
}
]
}
},
"DomainControllerSG2": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Domain Controller",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [{
"IpProtocol": "tcp",
"FromPort": "5985",
"ToPort": "5985",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "80",
"ToPort": "80",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "123",
"ToPort": "123",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "135",
"ToPort": "135",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "138",
"ToPort": "138",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "445",
"ToPort": "445",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "445",
"ToPort": "445",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "464",
"ToPort": "464",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "464",
"ToPort": "464",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "389",
"ToPort": "389",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "389",
"ToPort": "389",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "636",
"ToPort": "636",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3268",
"ToPort": "3268",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3269",
"ToPort": "3269",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "VPCCIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "88",
"ToPort": "88",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "5355",
"ToPort": "5355",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "137",
"ToPort": "137",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "139",
"ToPort": "139",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "5722",
"ToPort": "5722",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "123",
"ToPort": "123",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "135",
"ToPort": "135",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "9389",
"ToPort": "9389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "138",
"ToPort": "138",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "445",
"ToPort": "445",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "445",
"ToPort": "445",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "464",
"ToPort": "464",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "464",
"ToPort": "464",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "389",
"ToPort": "389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "389",
"ToPort": "389",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "636",
"ToPort": "636",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3268",
"ToPort": "3268",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3269",
"ToPort": "3269",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "88",
"ToPort": "88",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "udp",
"FromPort": "88",
"ToPort": "88",
"SourceSecurityGroupId": {
"Ref": "DomainMemberSG"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ2CIDR"
}
},
{
"IpProtocol": "icmp",
"FromPort": "-1",
"ToPort": "-1",
"CidrIp": {
"Ref": "VPCCIDR"
}
}
]
}
},
"DomainMemberSG": {
"Type": "AWS::EC2::SecurityGroup",
"Properties": {
"GroupDescription": "Domain Members",
"VpcId": {
"Ref": "VPC"
},
"SecurityGroupIngress": [{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "53",
"ToPort": "53",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "udp",
"FromPort": "49152",
"ToPort": "65535",
"CidrIp": {
"Ref": "PrivSub2CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ1CIDR"
}
},
{
"IpProtocol": "tcp",
"FromPort": "3389",
"ToPort": "3389",
"CidrIp": {
"Ref": "DMZ2CIDR"
}
}
]
}
}
}
}
}
}
}